CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Exploit code public for critical FortiSIEM command injection flaw
Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a remo ...
-
CybersecurityNews
New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive Data
A novel single-click attack targeting Microsoft Copilot Personal that enables attackers to silently exfiltrate sensitive user data. The vulnerability, now patched, allowed threat actors to hijack sess ...
-
BleepingComputer
Microsoft updates Windows DLL that triggered security alerts
Microsoft has resolved a known issue that was causing security applications to incorrectly flag a core Windows component, the company said in a service alert posted this week. The list of affected sys ...
-
CybersecurityNews
Critical FortiSIEM Vulnerability(CVE-2025-64155) Enable Full RCE and Root Compromise
In August 2025, Fortinet issued an advisory for CVE-2025-25256, an OS command injection vulnerability (CWE-78) in FortiSIEM that exposed the platform to unauthenticated remote code execution via craft ...
-
hackread.com
Microsoft January 2026 Patch Tuesday: 115 Vulnerabilities Fixed
Microsoft has released its first Patch Tuesday of 2026, delivering a massive wave of security fixes to protect users from various digital threats. This month, the tech giant addressed 115 vulnerabilit ...
-
TheCyberThrone
CVE-2025-64155 – Critical RCE in Fortinet FortiSIEM
January 14, 2026Fortinet patched a severe unauthenticated remote command injection flaw in FortiSIEM on January 13, 2026, tracked as CVE-2025-64155 with CVSS 9.4.Discovered by Horizon3.ai in August 20 ...
-
CybersecurityNews
Microsoft Warns Secure Boot May Be Bypassed as Windows UEFI Certificates Expire
Microsoft has addressed a critical security feature bypass vulnerability in Windows Secure Boot certificates, tracked as CVE-2026-21265, through its January 2026 Patch Tuesday updates. The flaw stems ...
-
cert.pl
Vulnerability in Crazy Bubble Tea mobile application
Vulnerability in Crazy Bubble Tea mobile application CVE ID CVE-2025-14317 Publication date 14 January 2026 Vendor Emaintenance Product Crazy Bubble Tea Vulnerable versions All before 915 (Android) an ...
-
The Hacker News
Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution
Jan 14, 2026Ravie LakshmananVulnerability / Patch Management Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve ...
-
CybersecurityNews
Critical FortiSIEM Vulnerability Lets Attackers Run Arbitrary Commands via TCP Packets
Fortinet disclosed a critical OS command injection vulnerability in FortiSIEM on January 13, 2026, warning users of a high-risk flaw that lets unauthenticated attackers execute arbitrary code. Tracked ...